Max CVSS 10.0 Min CVSS 2.1 Total Count183
IDCVSSSummaryLast (major) updatePublished
CVE-2018-19518 8.5
University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without pre
25-11-2018 - 05:29 25-11-2018 - 05:29
CVE-2018-14665 7.2
A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate the
29-10-2018 - 08:29 25-10-2018 - 16:29
CVE-2018-15442 7.2
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow an authenticated, local attacker to execute arbitrary commands as a privileged user. The vulnerability is due to insufficient validation of user-supplie
24-10-2018 - 15:29 24-10-2018 - 15:29
CVE-2016-9604 2.1
It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as '.dns_resolver' in RHEL-7 or '.builtin_trusted_keys' upstream, by joining it as its session keyring. This allows root to bypass mod
11-07-2018 - 09:29 11-07-2018 - 09:29
CVE-2018-12613 6.5
An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and
21-06-2018 - 16:29 21-06-2018 - 16:29
CVE-2018-8120 7.2
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. Th
09-05-2018 - 15:29 09-05-2018 - 15:29
CVE-2017-0358 7.2
Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges. A local user can take advantage of this flaw for local root privilege esca
16-04-2018 - 05:58 13-04-2018 - 11:29
CVE-2017-0372 7.5
Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.
13-04-2018 - 12:29 13-04-2018 - 12:29
CVE-2017-18044 10.0
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside the Commvault service does not properly validate the input of an incoming string before passing it to
19-01-2018 - 12:29 19-01-2018 - 12:29
CVE-2017-14016 6.8
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of the length of user-supplied data prior to copying it to a stack-based buffer, which could allow an a
06-11-2017 - 17:29 06-11-2017 - 17:29
CVE-2017-16524 6.5
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, wh
06-11-2017 - 03:29 06-11-2017 - 03:29
CVE-2017-1000112 6.9
Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from
04-10-2017 - 21:29 04-10-2017 - 21:29
CVE-2017-11467 10.0
OrientDB through 2.2.22 does not enforce privilege requirements during "where" or "fetchplan" or "order by" use, which allows remote attackers to execute arbitrary OS commands via a crafted request.
19-07-2017 - 20:29 19-07-2017 - 20:29
CVE-2017-3631 4.6
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where S
22-06-2017 - 09:29 22-06-2017 - 09:29
CVE-2017-3630 4.6
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w
22-06-2017 - 09:29 22-06-2017 - 09:29
CVE-2017-3629 7.2
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure w
22-06-2017 - 09:29 22-06-2017 - 09:29
CVE-2017-1000364 6.2
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the
19-06-2017 - 12:29 19-06-2017 - 12:29
CVE-2017-7308 7.2
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or
11-05-2017 - 21:29 29-03-2017 - 16:59
CVE-2016-8655 7.2
Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet
07-03-2017 - 21:59 08-12-2016 - 03:59
CVE-2014-8440 10.0
Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attacker
06-01-2017 - 22:00 11-11-2014 - 18:55
CVE-2014-6332 9.3
OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute ar
06-01-2017 - 22:00 11-11-2014 - 17:55
CVE-2014-0514 9.3
The Adobe Reader Mobile application before 11.2 for Android does not properly restrict use of JavaScript, which allows remote attackers to execute arbitrary code via a crafted PDF document, a related issue to CVE-2012-6636.
06-01-2017 - 21:59 15-04-2014 - 19:13
CVE-2015-0016 9.3
Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remot
02-01-2017 - 21:59 13-01-2015 - 17:59
CVE-2016-6664 6.9
mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5
23-12-2016 - 21:59 13-12-2016 - 16:59
CVE-2001-0414 10.0
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
07-12-2016 - 21:59 18-06-2001 - 00:00
CVE-2015-8660 7.2
The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via
07-12-2016 - 13:29 28-12-2015 - 06:59
CVE-2014-4936 9.3
The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malwarebytes Anti-Exploit (MBAE) consumer 1.04.1.1012 and earlier allow man-in-the-middle attackers to execute arbitrary code by spoofing the update server and up
06-12-2016 - 22:00 16-12-2014 - 13:59
CVE-2016-4997 7.2
The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-contai
02-12-2016 - 22:27 03-07-2016 - 17:59
CVE-2015-1328 7.2
The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access b
29-11-2016 - 13:04 27-11-2016 - 22:59
CVE-2016-4557 7.2
The replace_map_fd_with_map_ptr function in kernel/bpf/verifier.c in the Linux kernel before 4.5.5 does not properly maintain an fd data structure, which allows local users to gain privileges or cause a denial of service (use-after-free) via crafted
28-11-2016 - 15:18 23-05-2016 - 06:59
CVE-2013-3623 10.0
Multiple stack-based buffer overflows in cgi/close_window.cgi in the web interface in the Intelligent Platform Management Interface (IPMI) with firmware before 3.15 (SMT_X9_315) on Supermicro X9 generation motherboards allow remote attackers to execu
28-11-2016 - 14:09 10-12-2013 - 11:11
CVE-2008-5444 10.0
Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2008-5448 and CVE-
22-11-2016 - 11:14 13-01-2009 - 20:30
CVE-2013-1347 9.3
Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly allocated or (2) is deleted, as exploited in the wild in May 2013.
19-10-2016 - 13:55 05-05-2013 - 07:07
CVE-2005-1543 7.5
Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote att
17-10-2016 - 23:20 25-05-2005 - 00:00
CVE-2005-1099 10.0
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
17-10-2016 - 23:17 12-04-2005 - 00:00
CVE-2005-0491 10.0
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
17-10-2016 - 23:12 02-05-2005 - 00:00
CVE-2005-0308 7.5
Buffer overflow in the wsprintf function in W32Dasm 8.93 and earlier allows remote attackers to execute arbitrary code via a large import or export function name.
17-10-2016 - 23:10 24-01-2005 - 00:00
CVE-2004-1638 7.5
Buffer overflow in MailCarrier 2.51 allows remote attackers to execute arbitrary code via a long (1) EHLO and possibly (2) HELO command.
17-10-2016 - 22:58 16-10-2004 - 00:00
CVE-2004-1134 10.0
Buffer overflow in the Microsoft W3Who ISAPI (w3who.dll) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long query string.
17-10-2016 - 22:51 10-01-2005 - 00:00
CVE-2004-0964 10.0
Buffer overflow in Zinf 2.2.1 on Windows, and other older versions for Linux, allows remote attackers or local users to execute arbitrary code via certain values in a .pls file.
17-10-2016 - 22:50 09-02-2005 - 00:00
CVE-2004-0608 10.0
The Unreal Engine, as used in DeusEx 1.112fm and earlier, Devastation 390 and earlier, Mobile Forces 20000 and earlier, Nerf Arena Blast 1.2 and earlier, Postal 2 1337 and earlier, Rune 107 and earlier, Tactical Ops 3.4.0 and earlier, Unreal 1 226f a
17-10-2016 - 22:46 06-12-2004 - 00:00
CVE-2004-0330 10.0
Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
17-10-2016 - 22:44 23-11-2004 - 00:00
CVE-2004-0206 7.5
Network Dynamic Data Exchange (NetDDE) services for Microsoft Windows 98, Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 allows attackers to remotely execute arbitrary code or locally gain privileges via a malicious message or appl
17-10-2016 - 22:41 03-11-2004 - 00:00
CVE-2003-0822 7.5
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0812 7.5
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0714 7.5
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a
17-10-2016 - 22:36 17-11-2003 - 00:00
CVE-2003-0533 7.5
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and
17-10-2016 - 22:35 01-06-2004 - 00:00
CVE-2003-0349 7.5
Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via
17-10-2016 - 22:32 24-07-2003 - 00:00
CVE-2002-1123 7.5
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port 1433, aka the "Hello" overflow.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0649 7.5
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which (1) a 0x04
17-10-2016 - 22:21 12-08-2002 - 00:00
CVE-2001-0797 10.0
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
17-10-2016 - 22:11 12-12-2001 - 00:00
CVE-2001-0241 10.0
Buffer overflow in Internet Printing ISAPI extension in Windows 2000 allows remote attackers to gain root privileges via a long print request that is passed to the extension through IIS 5.0.
17-10-2016 - 22:10 27-06-2001 - 00:00
CVE-2012-3261 10.0
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1463.
06-09-2016 - 09:37 25-09-2012 - 07:07
CVE-2012-3260 10.0
Unspecified vulnerability in a SOAP feature in HP SiteScope 11.10 through 11.12 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1462.
06-09-2016 - 09:33 25-09-2012 - 07:07
CVE-2014-2299 9.3
Buffer overflow in the mpeg_read function in wiretap/mpeg.c in the MPEG parser in Wireshark 1.8.x before 1.8.13 and 1.10.x before 1.10.6 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a large re
01-06-2016 - 22:25 11-03-2014 - 09:01
CVE-2015-8279 5.0
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices allows remote attackers to read arbitrary files via a request to an unspecified PHP script.
20-01-2016 - 14:53 14-01-2016 - 22:59
CVE-2015-1592 7.5
Movable Type Pro, Open Source, and Advanced before 5.2.12 and Pro and Advanced 6.0.x before 6.0.7 does not properly use the Perl Storable::thaw function, which allows remote attackers to include and execute arbitrary local Perl files and possibly exe
19-11-2015 - 11:56 19-02-2015 - 10:59
CVE-2014-100015 6.4
Directory traversal vulnerability in pdmwService.exe in SolidWorks Workgroup PDM 2014 allows remote attackers to write to arbitrary files via a .. (dot dot) in the filename in a file upload.
14-01-2015 - 14:47 13-01-2015 - 10:59
CVE-2010-1870 5.0
The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote attackers to modify server-side contex
24-07-2014 - 00:22 17-08-2010 - 16:00
CVE-2013-3630 4.6
Moodle through 2.5.2 allows remote authenticated administrators to execute arbitrary programs by configuring the aspell pathname and then triggering a spell-check operation within the TinyMCE editor.
07-03-2014 - 09:40 31-10-2013 - 22:55
CVE-2014-0038 6.9
The compat_sys_recvmmsg function in net/compat.c in the Linux kernel before 3.13.2, when CONFIG_X86_X32 is enabled, allows local users to gain privileges via a recvmmsg system call with a crafted timeout pointer parameter.
05-03-2014 - 23:50 06-02-2014 - 17:55
CVE-2011-0609 9.3
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9
11-02-2014 - 23:27 15-03-2011 - 13:55
CVE-2013-2827 7.5
An unspecified ActiveX control in WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 allows remote attackers to download arbitrary DLL code onto a client machine and execute this code via the ProjectURL proper
16-01-2014 - 12:21 15-01-2014 - 11:08
CVE-2006-6199 7.5
Stack-based buffer overflow in BlazeVideo BlazeDVD Standard and Professional 5.0, and possibly earlier, allows remote attackers to execute arbitrary code via a long filename in a PLF playlist.
12-12-2013 - 22:37 30-11-2006 - 20:28
CVE-2009-0927 9.3
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerabili
22-11-2013 - 13:19 19-03-2009 - 06:30
CVE-2012-4969 9.3
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012.
02-11-2013 - 23:27 18-09-2012 - 06:39
CVE-2011-0257 9.3
Integer signedness error in Apple QuickTime before 7.7 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PnSize opcode in a PICT file that triggers a stack-based buffer overflow.
02-11-2013 - 23:09 15-08-2011 - 17:55
CVE-2008-2992 9.3
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-20
27-08-2013 - 02:03 04-11-2008 - 13:29
CVE-2010-3962 9.3
Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary code via vectors related to Cascading Style Sheets (CSS) token sequences and the clip attribute, aka an "invalid flag reference" issu
19-08-2013 - 02:16 05-11-2010 - 13:00
CVE-2012-1889 9.3
Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site.
06-03-2013 - 23:54 13-06-2012 - 00:46
CVE-2009-1430 9.3
Multiple stack-based buffer overflows in IAO.EXE in the Intel Alert Originator Service in Symantec Alert Management System 2 (AMS2), as used in Symantec System Center (SSS); Symantec AntiVirus Server; Symantec AntiVirus Central Quarantine Server; Sym
06-02-2013 - 23:17 29-04-2009 - 11:30
CVE-2007-1868 10.0
The management service in IBM Tivoli Provisioning Manager for OS Deployment before 5.1 Fix Pack 2 does not properly handle multipart/form-data in HTTP POST requests, which allows remote attackers to execute arbitrary code or cause a denial of service
05-11-2012 - 22:36 04-04-2007 - 12:19
CVE-2007-2446 10.0
Multiple heap-based buffer overflows in the NDR parsing in smbd in Samba 3.0.0 through 3.0.25rc3 allow remote attackers to execute arbitrary code via crafted MS-RPC requests involving (1) DFSEnum (netdfs_io_dfs_EnumInfo_d), (2) RFNPCNEX (smb_io_notif
30-10-2012 - 22:34 14-05-2007 - 17:19
CVE-2008-5457 10.0
Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrit
22-10-2012 - 22:56 13-01-2009 - 21:30
CVE-2011-5170 9.3
Stack-based buffer overflow in Castillo Bueno Systems CCMPlayer 1.5 allows remote attackers to execute arbitrary code via a long track name in an m3u playlist.
17-09-2012 - 00:00 15-09-2012 - 13:55
CVE-2011-5124 10.0
Stack-based buffer overflow in the BCAAA component before build 60258, as used by Blue Coat ProxySG 4.2.3 through 6.1 and ProxyOne, allows remote attackers to execute arbitrary code via a large packet to the synchronization port (16102/tcp).
27-08-2012 - 18:30 26-08-2012 - 15:55
CVE-2011-1591 9.3
Stack-based buffer overflow in the DECT dissector in epan/dissectors/packet-dect.c in Wireshark 1.4.x before 1.4.5 allows remote attackers to execute arbitrary code via a crafted .pcap file.
13-08-2012 - 23:26 29-04-2011 - 18:55
CVE-2008-5499 9.3
Unspecified vulnerability in Adobe Flash Player for Linux 10.0.12.36, and 9.0.151.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file.
10-07-2012 - 00:00 17-12-2008 - 19:30
CVE-2011-3492 10.0
Stack-based buffer overflow in Azeotech DAQFactory 5.85 build 1853 and earlier allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a crafted NETB packet to UDP port 20034.
04-06-2012 - 00:00 16-09-2011 - 10:28
CVE-2011-3976 6.8
Stack-based buffer overflow in AmmSoft ScriptFTP 3.3 allows remote FTP servers to execute arbitrary code via a long filename in a response to a LIST command, as demonstrated using (1) GETLIST or (2) GETFILE in a ScriptFTP script.
14-05-2012 - 00:00 04-10-2011 - 06:55
CVE-2011-4535 6.8
Buffer overflow in TurboPower Abbrevia before 4.0, as used in ScadaTEC ScadaPhone 5.3.11.1230 and earlier, ScadaTEC ModbusTagServer 4.1.1.81 and earlier, and other products, allows remote attackers to cause a denial of service (application crash) or
03-04-2012 - 00:00 02-04-2012 - 23:44